Slashdot Mirror

← Back to Stories (view on slashdot.org)

IOS 4.1 Jailbroken Already

Posted by samzenpus on from the what-took-so-long dept.

mspohr writes "Just hours after Apple released iOS 4.1 to great fanfare, hardware hackers found a way to jailbreak devices that run the new operating system. More surprising still, there doesn't appear to be anything Steve Jobs can do to stop them in the near future. The exploit in the boot ROM of iOS devices was first announced by iPhone Dev-Team member pod2g. It was soon confirmed by other hackers, who said that because the exploit targets such a low-level part of the operating system, Apple won't be able to stop jailbreakers without making significant hardware changes."

13 of 315 comments (clear)

  1. Apple's security by Anonymous Coward · · Score: 4, Insightful

    Apple always says Mac OS X and Apple products are secure, non-exploitable and virus free. How are there exploits then?

    1. Re:Apple's security by Anonymous Coward · · Score: 5, Insightful

      this is absolutely incorrect, the first gen ios4 exploits were remote exploits.

    2. Re:Apple's security by Anonymous Coward · · Score: 3, Insightful

      The point you miss is that it existing. These devices are not new and apple have plenty of unix experience these days. Their apps are broken and they're running at the wrong user level. They basically have a bad a reputation as MS for securing their devices.

    3. Re:Apple's security by Servaas · · Score: 3, Insightful

      Correct way of stating is: They are too locked down when it comes to user configuration yet to open to be called a secure device.

    4. Re:Apple's security by Whiney+Mac+Fanboy · · Score: 4, Insightful

      is it that Apple lock their devices down too much? Or that they are not locked down enough? Can't be both...

      Why can't it be both? Can't you grasp the difference between too locked down for the owner and too locked down for an attacker?

      Let me put it in the same way (including misspellings) as your original post:

      Suckure from what? External sources?--Generally not enough. Secure from the owner modifying the software directly?--Generally too much.

      --
      There are shills on slashdot. Apparently, I'm one of them.
    5. Re:Apple's security by erroneus · · Score: 3, Insightful

      I generally agree with this sentiment. Typically, locked down and secure are not always the same, but as Apple's style seems to revolve around things being locked down where user and developer freedoms are concerned, it would seem quite natural that they would also lock down the way apps and the OS behave as well. The fact that Mac OS X demonstrably doesn't follow this pattern religiously would seem to indicate that they don't follow their own ideals. Unixes have tremendous capacity for being locked down and secured. It says something "not good" when they fail to take advantage of those features and functions... it's almost as if they don't know what they are doing or don't care to do it right if they do. I would expect more from their highly paid and decorated experts.

      People are led to believe they should expect more from Apple; higher standards of quality. This doesn't appear to be bearing out.

      With all this Apple-negative said, I still believe that if they got more serious about it, they could probably accomplish what they set out to do -- they just have to want to do it.

    6. Re:Apple's security by oztiks · · Score: 5, Insightful

      Absolute fantasy! Apple is unprepared for security and the way the iPad has been cobbled together is proof of this. Their software hasn't been targeted until now and the exploitation of Apple products _are_ becoming more commonplace.

      You cant compare it to how Windows was back in the day or any notions like that because Apple is currently going through what Microsoft was unprepared for back then but with a more sophisticated mindset and strategy (crackers / cyber-criminals are smarter these days). Apple based itself on UNIX around the time the internet became common in the household as a result saved them a fair amount of grief but hardly places it as a more secure product in todays world.

      The lack of Apples popularity had always kept them in niche marketplaces until now but the iPhone now makes them commonplace and popular enough to mean money for blackmarket hacking. This doesn't mean its more secure its totally the opposite. It means it's less secure because it hasn't been targeted until now. In fact I'd spout there are just as many exploits in the wild for iOS and MacOS as there is for Windows Vista in present day.

      For companies a high patch rate and focus on security means a hampering of innovation because development resources becomes focused on fixing problems rather than creating new features. Truthfully, the iPad is a product of that hampering, from my experience its like using a half built house with its scaffolding still attached too it and for the iPhone 4 even the sales people at the phone store cant find feature lists convincing enough to get me to upgrade from a 3GS to a 4. The question "why should i upgrade?" doesn't get answered with a solid response.

      Did we get any of those iPhone 4 sales through the roof crap this month on /. ? No Thank God!!!

    7. Re:Apple's security by sarhjinian · · Score: 4, Insightful

      Adobe's shitty PDF specification that allows embedded fonts to be stored in documents

      There's nothing wrong with this. The intent of PDF is to make a document viewable on every platform in the same way and you can't do that without either embedding fonts or re-rendering fonts as outline drawings (which wastes a lot of space, makes text editing and markup impossible, and increases complexity).

      --
      --srj/mmv
  2. Come on guys by dbIII · · Score: 4, Insightful

    Just get a Nokia N900 that already gives you full root access and lets you boot into other stuff anyway without encouraging this closed and inferior platform.

  3. the problem with these hacks by StripedCow · · Score: 3, Insightful

    Sigh, here are some problems I have with these kind of hacks:

    1. If it really becomes a problem for steve, he will block it at the hardware level in the next major version, or even in the next minor version.
    2. I cannot rely on the fact that there will always be a jailbreak available if I lose my phone, due to 1.
    3. It is only semi-legal. Apple will not like me.
    4. I loose support.
    5. Companies cannot be based on these kind of hacks due to 1,2,3,4, so there will never be a large user-base (or it will grow very slowly)
    6. ...
    7. No profit! Due to 5. :)

    --
    If Pandora's box is destined to be opened, *I* want to be the one to open it.
  4. Because they are full of shit by Sycraft-fu · · Score: 3, Insightful

    If you have a system that people can get at and modify, then there is no such thing as a secure system. This idea that you can make an OS that can't be exploited is BS. Certainly things can be done to make it harder, but you can't make it impossible.

    You discover that in the event you do need something, like say a database server, that is "exploit free" that to get it you have to cope with a lot of restrictions. The company that sells it to you, someone like IBM, will be providing the hardware, OS, software, and so on. They'll have tested it all extensively to make sure that there aren't any hidden issues that might cause a crash. Once in place, you don't get to touch it. There is no installing software on it, no messing with it. It will run what they say it'll run. If changes need to be made, it'll be a lengthy and expensive process.

    What's more, nothing will get at it directly. It'll be behind a firewall (not necessarily the kind of firewall you are used to thinking of), inputs will be sanitized, that kind of thing. It will only get inputs that are clean, in the correct format, that can't cause problems. Needless to say, it'll be in a secure server room and your staff had better leave it alone.

    When you totally control a system like that, yes with testing you can be pretty sure it is "bug free" and "exploit free". However for something going out to the masses? No such thing. The person with physical access can pretty much do anything, but even if not security is hard to guarantee. When arbitrary apps can be installed, some of those can be evil. Things like filtering them (as is done with the app store) can reduce it, but not eliminate it.

  5. Re:I've never understood why they fight this... by BasilBrush · · Score: 4, Insightful

    Because content providers like to be paid for their products. If you go to one of the app crack web-sites, it's amazing how so many jailbreakers can afford to buy an iPhone, but will then go to some effort to steal 99c from an app developer.

  6. Re:Where do they say that? by Khyber · · Score: 3, Insightful

    'No, it really isn't.'

    Yes, it really is. It is a misleading marketing tactic and it's improperly using technological terminology to fool a customer into thinking they're making the superior choice by purchasing an Apple product, when anyone with any real technical knowledge knows these claims are patently false.

    Did you fail English class?

    --
    Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.